Hardened Lunar Linux
Dennis Veatch
dennisveatch at bellsouth.net
Fri Mar 9 20:30:25 CET 2007
On Friday 09 March 2007 02:19:43 pm Jean Michel Bruenn wrote:
> heh. forgotten to answer on something:
> > 1) security reasons (better control of system by having knowledge and
> > tools to gather status of modules installed (hardened/not hardened). In
> > security enhanced system non-hardened modules are not welcome and
> > probably sysadmin will would like to scan installed modules list for the
> > items not meeting this requirement (to find possible weaknesses/holes).
> > Maybe download via https or secure ftp from secured server over encrypted
> > connection would be another argument for separate moonbase-hd file.
>
> Another thing (PERHAPS) could be, that we don't want every module in an
> hardened moonbase. For example: Normal Moonbase is user friendly. Mostly
> used for Desktop environments. A Hardened Moonbase wouldn't be as user
> friendly as it now is. And it would be for ppl who wants a secured system.
> The Question is, is it possible to say a secured system is a server-system?
> If yes - we wouldn't need xmms or audacity or ... you know what i mean.
> some modules or packages are useless on a server-system. The Question is
> should it be a moonbase with every module from the original moonbase, or
> simply a moonbase for server users.
>
> cheers, jean
2 Cent quip;
Do you really need a separate moonbase? Why not follow the same method sofar
used for x86_64 modules? Example;
BUILD.x86_64
And make them BUILD.hard (or whatever you want to call it.)
--
You can tuna piano but you can't tune a fish.
http://www.lunar-linux.org/
It's worth the spin.
More information about the Lunar-dev
mailing list